Uncompromising SecurityKeep your website, data, customers and reputation safe
The World Wide Web is a scary place.
Every day, every server is under attack from robots, crawlers and other threats.
Our Multi-Tier Approach to Security
- We employ multiple advanced solutions and firewalls to protect your site and, more importantly the server it resides on.
- We automatically take backups of your data, files and media every day and store them offsite.
- We use RAID 10 for all of our servers to minimize the damage a bad disk can cause.
In over 20 years of working with websites we have not lost any data due to hardware failure.
We start off with CloudFlare – not only do they make your website faster for everyone they also protect it from a wide range of online threats from spammers to SQL Injection to Distributed Denial of Service (DDOS) attacks.
3 Levels of Firewalls
Protecting your website also means protecting the servers your website is on. We employ three levels of firewall behind the protection that CloudFlare offers. In addition, we lock down every port that we possibly can and do not allow any password access to the server itself. We only use extended private key pairs and limit the external IP addresses that are even allowed to see your servers.
Plugin and Core File Updates
We regularly update the plugins and core files for your website. All too often we have seen new clients that have dozens of unfulfilled security patches. Left unfixed these patches represent one of the largest threats to your website’s security. Recently there was a massive issue with WordPress and over a course of five days the core version was changed four times. Even though this involved much more work, every single one of those patches was applied in less than 24 hours, until the issue was finally stabilized.
Updating plugins is key, but sometimes you make a mistake or a new plugin causes issues on your site and you need to be able to revert back to a previous release. We keep snapshots of every website, often for over 12 months, and can go back in time to a day when the plugin was working.
Advanced Password Security
The choice of passwords is probably the easiest way to compromise the security of your website which is why we employ advanced password checking algorithms such that you are forced to create a strong password from day one. Passwords like “abc” or “password” are not allowed. You will thank us when the other guys are hacked and you are still safe. For our Administration accounts we do not use passwords at all and instead employ a two-factor authentication scheme from those talented folks over at Clef.
Back In Time Feature
Should your site ever become compromised, we have a Back In Time feature that allows us to roll the entire site, data and files to a previous time before the hack. This is often the best way of getting a site back prime condition. Because we use RAID 10 for all of our disks it is unlikely we’ll lose data due to a bad disk. However, if it does happen we have daily backups offsite such that we can restore your site and have you running again within 24 hours.